basically, you use a master password which uses the domain of the website you're on to generate, via a one-way md5 hash, a password for each website you visit.

thus you can have a unique pass for each site yet only need to remember the master pass

since it uses a pretty secure algorithm, as long as your master pass is unguessable and kept secret, you should be fairly safe!

p.s probably a good idea to save the master password generator page along with the javascript, so if the webpage disappears you can regenerate the bookmarklet.. so save this page "complete" http://labs.zarate.org/passwd_new/builder.html and be sure it includes the builder.js script.

at the moment i have some fairly long passwords that i remeber but its the infrequent ones that i forget, only porbel is that theses are local systems without a dns entry, might just use the ".local" instead

at the moment i have some fairly long passwords that i remeber but its the infrequent ones that i forget, only porbel is that theses are local systems without a dns entry, might just use the ".local" instead

well, set up a DNS entry then... I use "home.x.y.z" for my home systems, with an internal DNS server for forward (and reverse). In the outsite world, there's a wildcard entry so that when roaming I can use "imap.home.x.y.z" and it goes to the firewall instead, which can choose to let me in or not, and forward ports as appropriate (if I've done the port knock, for example), so I can rdesktop to my windoze box!